Legal document

Privacy Policy

Channlr by FusionCore AfricaEffective: 29 March 2026Last updated: 29 March 2026

This policy explains how Channlr collects, uses, and protects data when you use our platform. Channlr is operated by FusionCore Africa, registered in Kenya. By using Channlr, you agree to the practices described here.

1. Who we are

Channlr is a WhatsApp Business API SaaS platform that helps African businesses send messages to their customers at scale. The platform is built and operated by FusionCore Africa.

CompanyFusionCore Africa
ProductChannlr (channlr.fusioncore.africa)
CountryKenya
Emailprivacy@fusioncore.africa

References to "Channlr", "we", "us", or "our" mean FusionCore Africa. References to "you" or "your" mean the individual or business using our platform.

2. Information we collect

We collect information in three ways: directly from you when you register and use Channlr, automatically when you use the platform, and from third parties such as Meta when you connect your WhatsApp Business Account.

Account information

  • First name, last name, email address
  • Phone number and physical address
  • Password (stored as a bcrypt hash — never in plaintext)
  • IP address at registration and login
  • Profile photo (optional)

Business and WhatsApp account information

  • Business name, industry, and description
  • WhatsApp Business Account (WABA) ID and phone number IDs
  • Verified business name from Meta
  • Message templates you create including their content and approval status

Messaging data

  • Phone numbers you send messages to (your customers' numbers)
  • Message delivery status: sent, delivered, read, failed
  • Meta message IDs (wamids) for delivery tracking
  • Timestamps of send, delivery, and read events
  • Conversation billing categories returned by Meta webhooks

Bot and conversation data

  • Bot configuration including the system prompt you write
  • API function definitions you add (endpoint URLs, descriptions)
  • Conversation history between your bot and your customers
  • AI response metadata: token usage and response latency

Billing and payment data

  • Paystack customer code and card details (last 4 digits, card type, expiry)
  • Payment history and invoice records
  • Conversation usage counts for billing purposes

Usage data (collected automatically)

  • Log data: pages visited, API calls made, timestamps
  • Browser type and operating system
  • Referring URLs

3. How we use your information

PurposeData usedLegal basis
Create and manage your accountName, email, password, phoneContract
Send WhatsApp messages on your behalfPhone number IDs, WABA ID, templatesContract
Run your AI bot and handle customer conversationsBot config, conversation historyContract
Calculate and issue invoicesConversation counts, plan detailsContract
Process payments via PaystackEmail, billing detailsContract
Send transactional emails (OTP, invoices, alerts)Email addressContract
Prevent fraud and abuseIP address, usage patternsLegitimate interest
Improve and debug the platformAggregated usage data, error logsLegitimate interest
Comply with legal obligationsAs requiredLegal obligation

We do not use your data for advertising. We do not sell your data to third parties. We do not use your customers' message content for any purpose other than delivering messages on your behalf.

4. WhatsApp and Meta data

Channlr integrates with the WhatsApp Business Cloud API provided by Meta Platforms, Inc. When you connect your WhatsApp Business Account through our Embedded Signup flow, the following applies:

  • We receive a temporary access token from Meta to access your WhatsApp Business Account. This token is stored encrypted and is deleted from our systems after your account is connected.
  • We store your WABA ID and phone_number_id to send messages on your behalf using our platform system user.
  • Meta sends delivery status updates (sent, delivered, read, failed) to our webhook endpoint. We store these statuses against each message for your analytics.
  • Meta may send billing and conversation category data via webhooks. We use this data solely to calculate your Channlr invoice.
Important: Channlr does not store the content of messages your customers send to your WhatsApp number beyond what is needed to operate your AI bot. Conversation history used by the bot is stored per your bot configuration and is retained as described in Section 7.

Your use of the WhatsApp Business API is also subject to Meta's WhatsApp Business Terms of Service and Meta's Privacy Policy.

5. How we share your data

We do not sell, rent, or trade your personal information. We share data only in the following limited circumstances:

Service providers

We share data with trusted third-party services that help us operate Channlr:

ProviderPurposeData shared
Meta Platforms, Inc.WhatsApp Business API — message deliveryPhone number IDs, WABA ID, message content
PaystackPayment processingEmail, name, billing amount
AnthropicAI bot responses (Claude API)Bot system prompt, conversation turns
DigitalOceanCloud infrastructure hostingAll data at rest on our servers
Email providerTransactional email deliveryEmail address, message content

All service providers are contractually required to protect your data and may only use it to provide services to us.

Legal requirements

We may disclose your information if required to do so by law, court order, or government authority in Kenya or any other applicable jurisdiction.

Business transfers

In the event of a merger, acquisition, or sale of FusionCore Africa, your data may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy.

6. Data storage and security

Your data is stored on servers located in the European Union region on DigitalOcean infrastructure. We implement the following security measures:

  • Passwords are hashed with bcrypt and never stored in plaintext
  • All data in transit is encrypted using TLS 1.2 or higher (HTTPS)
  • Sensitive values such as API keys and auth tokens are encrypted at rest using AES-256-GCM
  • Database access is restricted to application servers only — not publicly exposed
  • Redis is configured to require authentication and is not publicly accessible
  • API access is authenticated via short-lived JWT tokens or hashed API keys

Despite these measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but we commit to notifying you promptly if a breach affecting your data occurs.

7. Data retention

Data typeRetention period
Account informationUntil you delete your account, then 30 days
Message logs and delivery status12 months from send date
Bot conversation history90 days from last message in the conversation
Invoice and payment records7 years (Kenya tax law requirement)
API access logs90 days
Onboarding session tokens (Meta)1 hour or until onboarding completes

When data reaches its retention limit it is permanently deleted from our systems and backups within 30 days.

8. Your rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate or incomplete data
  • Deletion — request deletion of your account and personal data (subject to legal retention requirements)
  • Portability — request your data in a machine-readable format
  • Objection — object to processing based on legitimate interests
  • Restriction — request that we restrict processing of your data in certain circumstances

To exercise any of these rights, email us at privacy@fusioncore.africa with your full name and the email address on your account. We will respond within 30 days.

Account deletion: You can delete your account at any time from Settings → Account → Delete Account in the Channlr dashboard. Deletion removes your account and all associated data except records we are legally required to retain (invoices and payment records).

9. Cookies

Channlr uses cookies and similar technologies to operate the platform. We use:

  • Authentication cookies — to keep you logged in during a session. These are HTTP-only, Secure, and SameSite=None (required for cross-origin auth between our API and dashboard).
  • Preference cookies — to remember your dashboard settings such as theme and language.

We do not use advertising or tracking cookies. We do not use third-party analytics cookies. You can clear cookies through your browser settings at any time, though this will log you out of the platform.

10. Children's privacy

Channlr is a business platform intended for use by organisations and individuals aged 18 and over. We do not knowingly collect personal data from children under the age of 18. If you believe a child has provided us with personal data, please contact us immediately at privacy@fusioncore.africa and we will delete it promptly.

11. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes we will:

  • Update the "Last updated" date at the top of this page
  • Send an email notification to your registered email address
  • Display a notice in the Channlr dashboard for 30 days

Continued use of Channlr after changes take effect constitutes your acceptance of the updated policy. If you do not agree to the updated policy, you may delete your account as described in Section 8.

12. Contact us

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your data, please reach out to us:

Privacy enquiries

privacy@fusioncore.africa

FusionCore Africa · Nairobi, Kenya
We aim to respond within 2 business days.

General support

support@fusioncore.africa

For account issues, billing questions, and technical support.